streams/Code/Lib/JSalmon.php

<?php

namespace Code\Lib;

use Code\Web\HTTPSig;

class JSalmon
{

    public static function sign($data, $key_id, $key, $data_type = 'application/x-nomad+json'): array
    {

        $data = base64url_encode(json_encode($data, true)); // strip padding
        $encoding = 'base64url';
        $algorithm = 'RSA-SHA256';

        $data = preg_replace('/\s+/', '', $data);

        // precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods

        $precomputed = '.' . base64url_encode($data_type) . '.YmFzZTY0dXJs.UlNBLVNIQTI1Ng';

        $signature = base64url_encode(Crypto::sign($data . $precomputed, $key));

        return ([
            'signed' => true,
            'data' => $data,
            'data_type' => $data_type,
            'encoding' => $encoding,
            'alg' => $algorithm,
            'sigs' => [
                'value' => $signature,
                'key_id' => base64url_encode($key_id)
            ]
        ]);
    }

    public static function verify($x): array|bool
    {
        logger('verify');
        $ret = ['results' => []];

        if (!is_array($x)) {
            return false;
        }
        if (!(array_key_exists('signed', $x) && $x['signed'])) {
            return false;
        }

        $signed_data = preg_replace('/\s+/', '', $x['data']) . '.'
            . base64url_encode($x['data_type']) . '.'
            . base64url_encode($x['encoding']) . '.'
            . base64url_encode($x['alg']);

        $key = HTTPSig::get_key(EMPTY_STR, 'zot6', base64url_decode($x['sigs']['key_id']));
        logger('key: ' . print_r($key, true));
        if ($key['portable_id'] && $key['public_key']) {
            if (Crypto::verify($signed_data, base64url_decode($x['sigs']['value']), $key['public_key'])) {
                logger('verified');
                $ret = ['success' => true, 'signer' => $key['portable_id'], 'hubloc' => $key['hubloc']];
            }
        }

        return $ret;
    }

    public static function unpack($data)
    {
        return json_decode(base64url_decode($data), true);
    }
}
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00			`<?php`

it's done 2022-02-16 04:08:28 +00:00			`namespace Code\Lib;`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
it's done 2022-02-16 04:08:28 +00:00			`use Code\Web\HTTPSig;`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`class JSalmon`
			`{`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
cleanup 2022-08-23 11:01:09 +00:00			`public static function sign($data, $key_id, $key, $data_type = 'application/x-nomad+json'): array`
psr12 updates 2021-12-02 23:02:31 +00:00			`{`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
cleanup 2022-08-28 06:06:24 +00:00			`$data = base64url_encode(json_encode($data, true)); // strip padding`
psr12 updates 2021-12-02 23:02:31 +00:00			`$encoding = 'base64url';`
			`$algorithm = 'RSA-SHA256';`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$data = preg_replace('/\s+/', '', $data);`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`// precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
cleanup 2022-08-28 06:06:24 +00:00			`$precomputed = '.' . base64url_encode($data_type) . '.YmFzZTY0dXJs.UlNBLVNIQTI1Ng';`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
cleanup 2022-08-28 06:06:24 +00:00			`$signature = base64url_encode(Crypto::sign($data . $precomputed, $key));`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`return ([`
			`'signed' => true,`
			`'data' => $data,`
			`'data_type' => $data_type,`
			`'encoding' => $encoding,`
			`'alg' => $algorithm,`
			`'sigs' => [`
			`'value' => $signature,`
cleanup 2022-08-28 06:06:24 +00:00			`'key_id' => base64url_encode($key_id)`
psr12 updates 2021-12-02 23:02:31 +00:00			`]`
			`]);`
			`}`
finish the jsalmon verification bit 2018-06-28 02:22:12 +00:00
cleanup 2022-08-23 11:01:09 +00:00			`public static function verify($x): array\|bool`
psr12 updates 2021-12-02 23:02:31 +00:00			`{`
			`logger('verify');`
			`$ret = ['results' => []];`
finish the jsalmon verification bit 2018-06-28 02:22:12 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`if (!is_array($x)) {`
			`return false;`
			`}`
			`if (!(array_key_exists('signed', $x) && $x['signed'])) {`
			`return false;`
			`}`
finish the jsalmon verification bit 2018-06-28 02:22:12 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$signed_data = preg_replace('/\s+/', '', $x['data']) . '.'`
cleanup 2022-08-28 06:06:24 +00:00			`. base64url_encode($x['data_type']) . '.'`
			`. base64url_encode($x['encoding']) . '.'`
			`. base64url_encode($x['alg']);`
cleanup of jsalmon, return hubloc with verification success to save a lookup 2018-06-29 03:25:43 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`$key = HTTPSig::get_key(EMPTY_STR, 'zot6', base64url_decode($x['sigs']['key_id']));`
			`logger('key: ' . print_r($key, true));`
			`if ($key['portable_id'] && $key['public_key']) {`
			`if (Crypto::verify($signed_data, base64url_decode($x['sigs']['value']), $key['public_key'])) {`
			`logger('verified');`
			`$ret = ['success' => true, 'signer' => $key['portable_id'], 'hubloc' => $key['hubloc']];`
			`}`
			`}`
finish the jsalmon verification bit 2018-06-28 02:22:12 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`return $ret;`
			`}`
finish the jsalmon verification bit 2018-06-28 02:22:12 +00:00
psr12 updates 2021-12-02 23:02:31 +00:00			`public static function unpack($data)`
			`{`
			`return json_decode(base64url_decode($data), true);`
			`}`
psr12 rewrites, continued 2021-12-03 03:01:39 +00:00			`}`
Add JSalmon signing library for Zot6. See https://macgirvin.com/wiki/mike/Zot%2BVI/Encryption/Signatures 2017-10-06 03:09:21 +00:00